904 Security Engineer jobs in the United States

Make a difference here.

UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.

By creating continuously optimized identification, detection, and resilience from todays dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.

We are seeking a Senior Security Engineer to implement and manage advanced security solutions with a focus on Mandiant and Proofpoint technologies within federal government environments. This role will be responsible for security architecture, threat detection, incident response, and email security operations across critical government infrastructure.

Work Environment

Hybrid work model with 2 day/week on-site presence near National Harbor, Maryland

Must maintain required security clearance

Participation in on-call rotation for security incident response

• Design and implement security controls using Mandiant and Proofpoint solutions to protect federal networks
• Support the on-prem Mandiant product in a DHS environment
• Engineer custom integrations between security tools to enhance threat detection and response capabilities
• Lead security architecture efforts to ensure comprehensive protection against advanced threats
• Configure and tune Proofpoint email security defenses to protect against phishing and advanced threats
• Implement and manage Mandiant Threat Intelligence feeds within existing security infrastructure
• Develop and maintain security automation workflows to streamline incident response
• Implement security monitoring solutions and develop custom detection rules
• Provide technical leadership during security incidents and coordinate response activities
• Ensure all security implementations meet federal requirements (FISMA, RMF, CISA directives)

• Bachelor's degree in Cybersecurity, Information Security, or related field
• 7+ years of security engineering experience with 3+ years focusing on advanced threat detection
• Hands-on experience configuring and managing Mandiant security solutions
• Demonstrated expertise with Proofpoint email security implementation and administration
• Strong understanding of security operations in high-security environments
• Experience implementing security controls per NIST SP 800-53 requirements
• Knowledge of threat hunting methodologies and incident response procedures
• Proficiency with security scripting and automation (Python, PowerShell)
• Experience with security tools integration and API development

• Experience securing federal agency networks and systems
• Prior work with federal agency security operations
• Security certifications (CISSP, GIAC, CEH, Security+)
• Experience with SIEM platforms and security orchestration tools
• Background in cloud security for government environments (FedRAMP)
• Knowledge of Zero Trust implementation per federal guidelines
• Experience with supply chain security requirements (EO 14028)

• Hybrid work model with 2 day/week on-site presence near National Harbor, Maryland
• Must be able to pass a Federal background investigation - US Citizenship required
• Participation in on-call rotation for security incident response

• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
• Group Term Life, Short-Term Disability, Long-Term Disability
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
• Participation in the Discretionary Time Off (DTO) Program
• 11 Paid Holidays Annually

$140,000 - $155,000 a year

UltraViolet Cyber maintains broad salary ranges for its roles in order to

Who we are

At CarGurus (NASDAQ: CARG), our mission is to give people the power to reach their destination. We started as a small team of developers determined to bring trust and transparency to car shopping. Since then, our history of innovation and go-to-market acceleration has driven industry-leading growth. In fact, were the largest and fastest-growing automotive marketplace, and weve been profitable for over 15 years.

What we do

The market is evolving, and we are too, moving the entire automotive journey online and guiding our customers through every step. That includes everything from the sale of an old car to the financing, purchase, and delivery of a new one. Today, tens of millions of consumers visit CarGurus.com each month, and 30,000 dealerships use our products. But they're not the only ones who love CarGurusour employees do, too. We have a people-first culture that fosters kindness, collaboration, and innovation, and empowers our Gurus with tools to fuel their career growth. Disrupting a trillion-dollar industry requires fresh and diverse perspectives. Come join us for the ride!

Role overview

Were seeking a Principal Security Engineer, Operations who will lead the design, development, and operation of scalable detection and defensive security controls across our cloud-first and hybrid environments. This individual will be a key technical leader within the Information Security team, responsible for evolving our threat detection, response, and prevention capabilities. The ideal candidate has deep experience in both red and blue team methodologies and exercises, with a proven ability to think like an attacker while building resilient detection infrastructure that scales.

This role is foundational to our cloud and infrastructure security strategy programs and will help define the future of our threat detection architecture.

What you'll do

• Evaluate, advise, and deploy new security technologies alongside other technologies Information Security and peer partners (e.g. Platform Engineering, IT).
• Design, architect, and implement scalable detection pipelines across cloud (e.g. AWS, Azure, GCP) endpoints, identity, DLP, and SaaS platforms that support proactive threat identification and response.
• Mature our Security Information and Event Management (SIEM) and centralized logging capabilities, focusing on enrichment, correlation, and high-signal detections.
• Develop detection-as-code practices and CI/CD pipelines for deployment and tuning of detection logic.
• Make thoughtful long-term architectural design and strategy decisions for our Cloud Native Application Protection Platform (CNAPP) to ensure coverage, efficiencies and reduce false positives while maintaining continuity across multiple infrastructure environments.
• Work with infrastructure-as-code (IAC) technologies to establish automated security configurations for platform hardening and cloud-native control enforcement.
• Collaborate closely with AppSec offensive security, and Cloud Engineering teams to identify detection opportunities and test control efficacy.
• Partner with our Technical Leadership Team (TLT) to provide feedback and guidance related to security operational decisions to support the product development of our platform.
• Implement necessary security changes to support our Identity Governance Access (IAG) program and Role-Based Access Control (RBAC) models.
• Contribute to third-party vulnerability and penetration testing engagements and feed learnings into the broader detection engineering strategy.
• Continuously improve our vulnerability management program by triaging issues and identifying gaps in pre-production versus post-production detection.
• Ensure alignment to industry frameworks such as CIS Controls, ISO 27XXX, and NIST, embedding defensible security practices across the stack.
• Act as the Incident Commander of the Security Incident Response Team (SIRT), overseeing triage, containment, and forensics during investigations.

What you'll bring

• 7+ years in detection engineering, security operations, or a similar role, with a strong track record building detection logic in large-scale or cloud-native environments.
• Experience architecting and deploying detection pipelines across platforms like AWS, GCP, or Azure using tools such as Chronicle, Splunk, Panther, or open-source equivalents.
• Strong red + blue team mindset: you think like an attacker and build defenses that go beyond surface-level detection.
• Expertise in cloud control plane monitoring, identity threat detection, and infrastructure log analysis.
• Deep familiarity with adversary TTPs (MITRE ATT&CK), anomaly-based detection techniques, and event correlation strategies.
• Experience operationalizing detection-as-code pipelines (e.g., CI/CD for detection logic).
• Ability to communicate detection priorities and incident insights to technical and non-technical stakeholders.
• Authored and maintained infrastructure security policies, standards, and procedures
• History of working on a Security Incident Response Team (SIRT) investigating events, triaging potential incidents, containing environments, conducting forensics analysis
• Experience evaluating, running PoCs, and deploying new security tooling solutions.

Working at CarGurus

We reward our Gurus curiosity and passion with best-in-class benefits and compensation, including equity for all employees, both when they start and as they continue to grow with us. Our career development and corporate giving programs, as well as our employee resource groups (ERGs) and communities, help people build connections while making an impact in personally meaningful ways. A flexible hybrid model and robust time off policies encourage work-life balance and individual well-being. Thoughtful perks like daily free lunch, a new car discount, meditation and fitness apps, commuting cost coverage, and more help our people create space for what matters most in their personal and professional lives.

We welcome all

CarGurus strives to be a place to which people can bring the ultimate expression of themselves and their potentialstarting with our hiring process. We do not discriminate based on race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. We foster an inclusive environment that values people for their skills, experiences, and unique perspectives. Thats why we hope youll apply even if you dont check every box listed in the job description. We also encourage you to tell your recruiter if you require accommodations to participate in our hiring process due to a disability so we can provide the appropriate support. We want to know what only you can bring to CarGurus. #LI-Hybrid

Job Description

Looking to build your career with a company that values innovation , stability , and people ? Join our dedicated team as a Security Engineer at our Bridgeton, MO location!

This position follows a fully onsite work schedule (5 days in the office). Candidates who are not currently located in the St. Louis area must be willing to relocate.

Since 1946, Hunter Engineering has been aligning cutting-edge technology with a strong commitment to quality. As a family-owned , American-made company, Hunter is the global leader in automotive service equipment, with our products used in over 130 countries by top vehicle manufacturers, tire companies, and service centers.

We’re proud to be recognized as a Best Places to Work finalist by the St. Louis Business Journal for four consecutive years (2022 – 2025) – a testament to our commitment to our people. Here, employees are supported, challenged, and take pride in their work. We offer exceptional benefits, a healthy work-life balance, and meaningful opportunities for professional growth.

If you’re ready to join a team that’s shaping the future of automotive service, read on.

As a Security Engineer:

What You'll Do:

• Design, implement, manage, maintain, improve, and troubleshoot Hunter’s various security systems, including but not limited to Data Loss Prevention (DLP), SIEM and UEBA, endpoint protection, and data security/auditing platforms.
• Analyze and audit systems, software, processes, implementations, and environments for compliance with policies, regulations, and security best practices; and recommend and implement refinements and enhancements, in collaboration with individuals and teams.
• Conduct threat, vulnerability, and risk assessments, at times in collaboration with external auditors, to understand and eliminate potential system and network vulnerabilities.
• Develop and improve monitoring and visibility capabilities of information systems, and act as a technical leader for security incident detection, response, handling, and forensics.
• Provide reporting on incidents, investigations, vulnerabilities, trends, conditions, and events.
• Remain current on information security topics, trends, events, and developments.
• May occasionally provide end-user security training.
• Provide end-user support as necessary.
• Provide exceptional customer service while acting ethically and maintaining business confidentiality.
• Provide afterhours support as required and be able to identify critical issues that require urgent response.
• Additional duties as assigned

What You'll Bring:

• 7+ years of experience in Information Technology required; inclusive of up to 4 years of relevant education, including 3+ years of experience in security
• Must have demonstrable experience with:
  • Microsoft/Office 365 Security landscape.
  • Azure and on-premise Active Directory.
  • PowerShell and Regular Expressions.
  • Software Development and/or Development Security Operations.
  • Performing and managing proactive risk identification and mitigation, including penetration testing, network vulnerability assessments, and system risk profiling.
  • Security incident detection, response, handling, and forensics
• Must understand networking concepts, protocols, and services.
• Must have excellent verbal and written communication skills.
• Must possess a very strong troubleshooting methodology to tackle issues efficiently.
• Must be self-starting and self-sufficient to complete tasks in a timely and effective manner.

What We Offer:

• Industry-Leading Healthcare Coverage
• Profit-Sharing Plan with Safe Harbor Contribution
• Generous Paid Time Off & Holidays
• Paid Parental Leave
• Tuition Reimbursement Program
• Free Onsite Fitness & Recreation Center

Join us in our mission to ‘Align People and Innovation to Drive Excellence!’

• Make Lives Better Together
• Take Pride in the Extraordinary
• Define the Standard

Job Description

CIC Group, located in Fenton, MO is seeking a skilled Security Engineer to join our IT team. If you have experience using Microsoft security tools, a drive for automation, and a desire to make a material impact on a company's security posture, this is a great opportunity to advance your career. You will be part of the Enterprise IT team that is responsible for safeguarding the company's infrastructure, people, and data to enable the business to meet its objectives.

CIC Group, Inc is a company of companies. We are more than a holding company; we are partners with our business units. We work closely with and support our business units to allow them focus on delivering for their customers.

DAY IN THE LIFE:

The Security Engineer will report to the Enterprise IT Infrastructure and Operations Manager. They will support the cybersecurity tool ecosystem, including leading tool selection and implementation in collaboration with other internal and third-party security and infrastructure personnel. Support and maintenance of assigned security technologies with primary focus on endpoint, server, network, communications, and identity security capabilities using technologies such as Microsoft Defender Suite, Sentinel, Purview, and others will be a core responsibility. Second level support for security incidents, advanced troubleshooting of security tools, and end-user issues will also be required.

The Security Engineer will support management in the development of policies that align with organizational goals, industry standards, and regulatory requirements. This requires the entire security team to monitor advancements in cloud, hardware, and software security technologies to make recommendations for increasing efficiencies and capabilities within the organization. This position will have a pivotal role in the on-going development of security capabilities and the roadmap of future enhancements. Working with external vendors supporting the company will be a regular requirement for this position.

This position will be responsible for creating and maintaining procedural documentation for IT and user audiences. They are expected to uphold all IT and security policies, follow IT and security best practices, and provide backup support for other team members as needed. This is a hybrid remote position with very limited travel required inside and outside the United States. The position will participate in an on-call support rotation, for security issue resolution.

QUALIFICATIONS:

• 4+ years of proven, hands-on experience with using and managing Microsoft Security tools including the following: Defender for Endpoint, Defender for Servers, Defender for Cloud, Sentinel, Purview, Endpoint Configuration Manager (MECM/SCCM), and Intune. Candidates with experience using and managing similar platforms will be considered and must be willing and able to learn the required technologies.
• Experience with Microsoft core infrastructure technologies (Windows Server, Active Directory, Entra ID, DNS, DHCP, Group Policy, DFS Namespace, Certificate Authority/PKI).
• Experience managing security tool deployments, configuration, and integration with third-party tools.
• Expertise in PowerShell scripting for automation, reporting, and system management tasks.
• Experience working with Managed Security Services Provider for managed SIEM/SOC services including support of incident response activities.
• Highly professional, detail-oriented, organized, and trustworthy individual.
• Proficiency in spoken and written communication in English, with the ability to explain complex technical concepts to non-technical people.
• BS/BA in IT / Computer Science / Cybersecurity related field, or equivalent work experience.

PREFERRED SKILLS:

• Basic knowledge of NIST Cybersecurity Framework and supporting control structures.
• Experience supporting a multi-national IT infrastructure utilizing a Zero Trust security model.
• Security certifications, such as CISSP, highly desired.

We provide full benefits package. Our 401(K) provides an employer match and an annual non-elective contribution. We provide medical with an employer contribution toward the HSA. Dental and Short-Term disability is 100% covered by the company. We also offer vision, fitness reimbursement, flexible work schedule, and the opportunity to work with a successful organization.

If you are interested in this position, please simply click the Apply button to get started! Our application is quick and should take you less than 5 minutes to fill out. Your information will be then sent directly to the Recruiter.

CIC Group is committed to creating and maintaining an environment in which all employees feel valued, included, safe, and empowered to do their best work. We are proud to be an equal opportunity workplace and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics.

Pre-employment drug screen and background check is required.

Foresite is seeking a highly motivated and passionate Security Engineer with a specialized focus on Google Security Operations (SecOps) to join our growing team. In this client-facing role, you will be instrumental in helping our clients leverage the full potential of Google's security offerings to enhance their security posture. If you have a strong foundation in security operations, a drive to continuously learn, and a desire to provide expert guidance, we encourage you to apply!

What You'll Do:

As a Security Engineer specializing in Google SecOps, you will be a trusted advisor to our clients, guiding them through the implementation, optimization, and ongoing management of their Google security solutions. Your responsibilities will include:

• Infrastructure Provisioning: Design, configure, and deploy Google security tools and platforms for clients, ensuring seamless integration with their existing environments. This may include configuring Google Cloud Security Command Center, Chronicle Security Operations, BeyondCorp Enterprise, and other relevant Google security services.

• General Support & Troubleshooting: Provide expert-level support for client inquiries and issues related to Google SecOps tools and configurations. Diagnose and resolve technical challenges efficiently and effectively.

• Security Guidance & Best Practices: Offer proactive security guidance and recommendations to clients based on Google's security best practices and industry standards. Help clients understand and mitigate potential risks within their Google Cloud environments.

• Product Strategy & Optimization: Collaborate with clients to understand their security objectives and develop tailored Google SecOps strategies. Advise on product selection, feature utilization, and roadmap planning to maximize their security investments.

• Client Relationship Management: Build and maintain strong, positive relationships with clients, acting as a primary technical point of contact for Google SecOps initiatives.

• Documentation & Knowledge Sharing: Create and maintain comprehensive documentation for client environments, configurations, and best practices. Share knowledge and expertise with internal teams.

• Stay Current: Continuously research and stay up-to-date with the latest Google security product updates, features, and threat landscape trends.

Who You Are:

• Passion for Security: You possess a genuine enthusiasm for cybersecurity and a strong desire to protect organizations from evolving threats.

• Experience: 3-5 years of experience in security operations, with a solid understanding of common security frameworks, incident response processes, and threat detection methodologies.

• Google SecOps Focus: Demonstrated experience with and understanding of Google Cloud security services, including but not limited to:

  • Google Cloud Security Command Center (SCC)

  • Google Security Operations

  • Google Threat Intelligence

  • Cloud Logging and Monitoring for security

  • Google Cloud Identity and Access Management (IAM)

  • Google Cloud Armor

• Certifications: Possess one or more security certifications such as:

  • CompTIA Security+

  • (ISC)² SSCP or CISSP (Associate of (ISC)²)

  • Google Cloud Professional Cloud Security Engineer (highly preferred)

  • Other relevant cloud security certifications

• Client-Facing Skills: Excellent communication, presentation, and interpersonal skills with the ability to articulate complex technical concepts clearly to both technical and non-technical audiences.

• Problem-Solver: Strong analytical and problem-solving skills with a meticulous attention to detail.

• Self-Starter: Ability to work independently and as part of a team in a fast-paced, dynamic environment.

• Proactive Learner: A continuous learner who stays ahead of industry trends and new technologies.

A World-Changing Company

Palantir builds the world's leading software for data-driven decisions and operations. By bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more.

The Role

As an Information Security Engineer, you are responsible for the security of Palantir's people and infrastructure around the globe. Your technical expertise is second only to your integrity and real passion for security and technology in general. Our ideal candidate works well on a team, is highly motivated, and enjoys solving problems and taking on new challenges.

In this role, you'll be the first line of defense for protecting Palantir. Your team is responsible for the 24/7 prevention, detection, and investigation of security events and active attacks across our entire infrastructure. Your work will directly impact the success of Palantir's mission as you seek to make it challenging for our adversaries and protect our global network.